CVE-2008-5071

Publication date

2008-11-14 16:00:00

Family

mitre

State

PUBLISHED

Description

Multiple eval injection vulnerabilities in itpm_estimate.php in Yoxel 1.23beta and earlier allow remote authenticated users to execute arbitrary PHP code via the proj_id parameter.